From owner-freebsd-questions@FreeBSD.ORG Fri Sep 12 14:39:38 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D955C16A4BF for ; Fri, 12 Sep 2003 14:39:38 -0700 (PDT) Received: from stork.mail.pas.earthlink.net (stork.mail.pas.earthlink.net [207.217.120.188]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6751243FEA for ; Fri, 12 Sep 2003 14:39:33 -0700 (PDT) (envelope-from algould@datawok.com) Received: from 22-15.lctv-b4.cablelynx.com ([24.204.22.15] helo=yoda.datawok.com) by stork.mail.pas.earthlink.net with asmtp (TLSv1:RC4-MD5:128) (Exim 3.33 #1) id 19xvd0-0004jX-00; Fri, 12 Sep 2003 14:38:54 -0700 From: "Andrew L. Gould" To: Kirk Strauser , freebsd-questions@freebsd.org Date: Fri, 12 Sep 2003 16:39:14 -0500 User-Agent: KMail/1.5 References: <87r82lbu4y.fsf@strauser.com> In-Reply-To: <87r82lbu4y.fsf@strauser.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200309121639.14573.algould@datawok.com> X-ELNK-Trace: ee791d459e3d6817d780f4a490ca69564776905774d2ac4b4fb5ff1014d3c114b70d0f9244829d79350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c Subject: Re: Trying to secure PostgreSQL X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Sep 2003 21:39:39 -0000 X-List-Received-Date: Fri, 12 Sep 2003 21:39:39 -0000 On Friday 12 September 2003 03:59 pm, Kirk Strauser wrote: > I'm running PostgreSQL 7.3 on a FreeBSD 5.1 server. The databases are > working well and it's humming along nicely, but I really want to secure it. > > In particular, my pg_hba.conf looks like: > > local all pgsql > trust host all all 127.0.0.1 255.255.255.255 > md5 host all all 10.0.5.16 255.255.255.255 md5 > > This isn't very good. Any user connecting to the machine via the network > is authenticated as expected, but local connections slide in without > protection. The biggest problem with this comes with running phpPgAdmin. > Since it runs under Apache on the same server, it uses a local connection > to the database. That means that Joe User can type > > Username: pgsql > Password: > > and have full read/write access to all of my databases. > > This is not good. > > The alternative seems to be re-writing the first line of pg_hba.conf as > > local all all md5 > > That works decently, *except* that I have to enter the password for `pgsql' > before the database startup. > > I've Googled for the answer, but there seems to be a tremendous amount of > chaff with the wheat. I know other admins have dealt with this; how did > you handle it? Is there an important document I'm missing somewhere? You're looking for something difficult when the easier answer is correct. As root, set pgsql's password by executing: passwd pgsql Best of luck, Andrew Gould